This repository has been archived by the owner on Dec 13, 2023. It is now read-only.
Allow for an upgrade of log4j2 versions by loosening constraint #3321
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This PR is stale, because it has been open for 45 days with no activity. Remove the stale label or comment, or this will be closed in 7 days. |
|
Stale, commenting again. Hoping someone can take a look at this since it blocks consumers of client libraries unnecessarily. |
apanicker-nflx
approved these changes
Jan 23, 2023
|
PR looks good to merge, please resolve conflicts |
…-loosen-constraints
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request type
./gradlew generateLock saveLockto refresh dependencies)Changes in this PR
Upgrade log4j and also loosen the constraint so that people that use the libraries, such as
commonorclientcan upgrade their log4j on their end to future versions.Describe the new behavior from this PR, and why it's needed
The current strictness constraint on log4j does not allow people that use Conductor to upgrade log4j on their end. This should make it a minimum to be 2.17.2, but also allow for people to move further ahead if they need to as well.